commons-issues mailing list archives

From "Simon Levermann (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CODEC-245) RegEx for verifying salts in ShaCrypt is incorrect
Date Mon, 12 Feb 2018 17:11:00 GMT

     [ https://issues.apache.org/jira/browse/CODEC-245?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Simon Levermann updated CODEC-245:
----------------------------------
    Description: 
The regex/code that extracts the salt from a given salt string in Sha2Crypt treats some invalid
salt formats as valid:
{code:java}
^\$([56])\$(rounds=(\d+)\$)?([\.\/a-zA-Z0-9]{1,16}).*
{code}
The code then goes on to use capture group 3 (the round count) to determine how many rounds
are used, and capture group 4 (the actual salt) to use as salt data.

However, for an input that contains an invalid salt specification like this:
{code:java}
$5$notrounds=1000$asdfasdf
{code}
This string is treated as valid. The operation then uses "notrounds" as the salt for hashing:
{code:java}
System.out.println(Sha2Crypt.sha256Crypt(new byte[100], "$5$notrounds=1000$asdfasdf"));
{code}
The above code prints
{code:java}
$5$notrounds$aAEx6EzUBfc.aIIeiItVjUREbj/ar4xlb/qcMxD90NA
{code}
This code should probably throw an exception. Additionally, other invalid salt strings like
{code:java}
$6$rounds=1000$äöüäöü
{code}
result in hashes like:
{code:java}
$5$rounds$ZIRdMgi25kK5Zmi1whKjcnFN/Pe8QCAOlTmxMfwAoq5
{code}
completely ignoring the rounds parameter, and using the literal string "rounds" as the salt
for hashing.

 

  was:
The regex/code that extracts the salt from a given salt string in Sha2Crypt treats some invalid
salt formats as valid:
{code:java}
^\$([56])\$(rounds=(\d+)\$)?([\.\/a-zA-Z0-9]{1,16}).*
{code}
The code then goes on to use capture group 3 (the round count) to determine how many rounds
are used, and capture group 4 (the actual salt) to use as salt data.

However, for an input that contains an invalid salt specification like this:
{code:java}
$5$notrounds=1000$asdfasdf
{code}
This string is treated as valid. The operation then uses "notrounds" as the salt for hashing:
{code:java}
System.out.println(Sha2Crypt.sha256Crypt(new byte[100], "$5$notrounds=1000$asdfasdf"));
{code}
The above code prints
{code:java}
$5$notrounds$aAEx6EzUBfc.aIIeiItVjUREbj/ar4xlb/qcMxD90NA
{code}
This code should probably throw an exceptions. Additionally, other invalid salt strings like

 
{code:java}
$6$rounds=1000$äöüäöü
{code}
Result in hashes like:
{code:java}
$5$rounds$ZIRdMgi25kK5Zmi1whKjcnFN/Pe8QCAOlTmxMfwAoq5
{code}
Completely ignoring the rounds parameter, and using the literal string "rounds" as the salt
for hashing.

 


> RegEx for verifying salts in ShaCrypt is incorrect
> --------------------------------------------------
>
>                 Key: CODEC-245
>                 URL: https://issues.apache.org/jira/browse/CODEC-245
>             Project: Commons Codec
>          Issue Type: Bug
>    Affects Versions: 1.11
>            Reporter: Simon Levermann
>            Priority: Major
>
> The regex/code that extracts the salt from a given salt string in Sha2Crypt treats some
invalid salt formats as valid:
> {code:java}
> ^\$([56])\$(rounds=(\d+)\$)?([\.\/a-zA-Z0-9]{1,16}).*
> {code}
> The code then goes on to use capture group 3 (the round count) to determine how many
rounds are used, and capture group 4 (the actual salt) to use as salt data.
> However, for an input that contains an invalid salt specification like this:
> {code:java}
> $5$notrounds=1000$asdfasdf
> {code}
> This string is treated as valid. The operation then uses "notrounds" as the salt for
hashing:
> {code:java}
> System.out.println(Sha2Crypt.sha256Crypt(new byte[100], "$5$notrounds=1000$asdfasdf"));
> {code}
> The above code prints
> {code:java}
> $5$notrounds$aAEx6EzUBfc.aIIeiItVjUREbj/ar4xlb/qcMxD90NA
> {code}
> This code should probably throw an exception. Additionally, other invalid salt strings
like
>  
> {code:java}
> $6$rounds=1000$äöüäöü
> {code}
> result in hashes like:
> {code:java}
> $5$rounds$ZIRdMgi25kK5Zmi1whKjcnFN/Pe8QCAOlTmxMfwAoq5
> {code}
> completely ignoring the rounds parameter, and using the literal string "rounds" as the
salt for hashing.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
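As an added illustration (not code from Commons Codec or from the reporter), the following Python reproduces the lenient matching described in the issue using the pattern quoted there, and sets a stricter pattern beside it that rejects both malformed strings. The stricter pattern and the `parse_strict` / `is_valid_salt_string` helpers are assumptions about how the salt grammar should be anchored; the rounds bounds follow the SHA-crypt specification.

```python
import re

# The pattern quoted in the issue (Java regex syntax, equally valid in Python).
LENIENT = re.compile(r"^\$([56])\$(rounds=(\d+)\$)?([\.\/a-zA-Z0-9]{1,16}).*")

# Stricter pattern (an assumption, not the library's code): the salt must be
# followed by end of input or by '$', so a stray '=' or a non-salt character
# can no longer be swallowed silently by a trailing '.*'.
STRICT = re.compile(r"^\$([56])\$(?:rounds=(\d+)\$)?([./0-9A-Za-z]{1,16})(?:\$.*)?$")

ROUNDS_DEFAULT = 5000
ROUNDS_MIN, ROUNDS_MAX = 1000, 999_999_999  # bounds from the SHA-crypt specification


def parse_lenient(salt_string):
    """Mimic the behaviour the issue describes: rounds from group 3, salt from group 4."""
    m = LENIENT.match(salt_string)
    if m is None:
        return None
    rounds = int(m.group(3)) if m.group(3) else ROUNDS_DEFAULT
    return rounds, m.group(4)


def parse_strict(salt_string):
    """Return (id, rounds, salt), or raise ValueError for a malformed salt string."""
    m = STRICT.match(salt_string)
    if m is None:
        raise ValueError(f"invalid SHA-crypt salt string: {salt_string!r}")
    ident, rounds_str, salt = m.groups()
    rounds = int(rounds_str) if rounds_str else ROUNDS_DEFAULT
    rounds = min(max(rounds, ROUNDS_MIN), ROUNDS_MAX)  # clamp as the spec requires
    return ident, rounds, salt


def is_valid_salt_string(salt_string):
    """True when the strict grammar accepts the string."""
    try:
        parse_strict(salt_string)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # The two strings from the issue plus one well-formed one (constructed).
    for s in ("$5$notrounds=1000$asdfasdf", "$6$rounds=1000$äöüäöü", "$5$rounds=5000$saltsalt"):
        print(f"{s!r}: lenient -> {parse_lenient(s)}, strict valid -> {is_valid_salt_string(s)}")
```

Running it shows the lenient pattern yielding the salt "notrounds" and "rounds" for the two malformed inputs, exactly as the hashes in the report indicate, while the strict pattern accepts only the well-formed string.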
